Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBCENTER_PORTAL_JULY_2015_CPU.NBIN
HistoryJul 22, 2015 - 12:00 a.m.

Oracle WebCenter Portal Multiple Vulnerabilities (July 2015 CPU)

2015-07-2200:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

55.8%

JSON

The remote host has a version of Oracle WebCenter Portal installed that is affected by the following vulnerabilities :

  • A flaw exists in Oracle’s implementation of the JSR (Java Specification Request) 286 Portlet Specification functionality. A remote, authenticated attacker can exploit this, via crafted portal URL, to affect confidentiality and integrity. (CVE-2015-1926)

  • A security bypass vulnerability exists in the Portlet Bridge for JavaServer Faces due to a failure to properly restrict access to resources in web applications. A remote attacker can exploit this, via a URL with a modified resource ID, to disclose sensitive information.
    (CVE-2015-3244)

Binary data oracle_webcenter_portal_july_2015_cpu.nbin
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware

Related

prion 2
cvelist 2
cve 2
redhat 1
nvd 2
ibm 1
nessus 1
oracle 1
securityvulns 1
prion
prion
Design/Logic Flaw
2015-07-16 11:00:00
Design/Logic Flaw
2015-07-16 10:59:00
cvelist
cvelist
CVE-2015-3244
2015-07-16 10:00:00
CVE-2015-1926
2015-07-16 10:00:00
cve
cve
CVE-2015-1926
2015-07-16 10:59:06
CVE-2015-3244
2015-07-16 11:00:23
redhat
redhat
(RHSA-2015:1226) Moderate: Red Hat JBoss Portal 6.2.0 security update
2015-07-14 16:32:13
nvd
nvd
CVE-2015-3244
2015-07-16 11:00:23
CVE-2015-1926
2015-07-16 10:59:06
ibm
ibm
Security Bulletin: Vulnerability with Java Portlet Specification JSR 286 may affect WebSphere Application Server (CVE-2015-1926)
2018-06-15 07:03:23
nessus
nessus
Oracle E-Business Multiple Vulnerabilities (July 2015 CPU)
2015-07-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-07-20 00:00:00

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

55.8%

JSON
Related for ORACLE_WEBCENTER_PORTAL_JULY_2015_CPU.NBIN
prion2cvelist2cve2redhat1nvd2ibm1nessus1oracle1securityvulns1